wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

escape log messages to avoid possible js execution

Browse source
This commit is contained in:
Bjoern Schiessle 2012-06-18 09:42:31 +02:00
parent e5feb4e1aa
commit 91f69858e4
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
settings/js/log.js
View file

@ -39,7 +39,7 @@ OC.Log={
row.append(appTd);
var messageTd=$('<td/>');
messageTd.text(entry.message);
messageTd.text(entry.message.replace(/</, "&lt;").replace(/>/, "&gt;"));
row.append(messageTd);
var timeTd=$('<td/>');